ITMPI FLAT 005
Main Menu
Home / Uncategorized / Open Environment With A Secure Framework? Sure.

Open Environment With A Secure Framework? Sure.

Let's see what to put in the perfect storm of risky IT developments: increasing complexity, decreased budgets, BYOD culture and, let's see” — yes, how about some new tech like the cloud. What comes out? A great opportunity for bad things, and that's just where IT finds itself these days: between new technologies and lessening control, IT no longer can use old models of risk management simply won't keep organizations from being exposed to outside threats like before. A few new, effective ways to manage these risks are presented in this article by Kevin Cunningham. Cunningham begins by explaining how risk management has to be embraced by the whole organization, not just IT: This requires a formal categorization of risks in order to understand potential threats and vulnerabilities, and to implement the appropriate set of controls to balance the business' need for convenience, usability, and availability with the need for security measures that mitigate risk. This includes implementing the necessary controls to eliminate specific risks such as workers who hold access privileges they don't need, terminated workers whose access privileges are not removed, or toxic combinations of access privileges that increase the potential for fraud, etc. The article then goes on, explaining that the organization must have “identity intelligence” tools that allow the business to see what access each employee has, how they are using it, and any potentially risky actions taken by them. The last tip Cunningham lists is open collaboration between IT and business. After all, it's going to take working between both groups to align IT's operational policies to the business and implement the processes for identifying what resources have access to what systems.

About Matthew Kabik

Matthew Kabik is the former Editor of Computer Aid's Accelerating IT Success. He worked at Computer Aid, Inc. from 2008 to 2014 in the Harrisburg offices, where he was a copywriter, swordsman, social media consultant, and trainer before moving into editorial.

Check Also

The Seven Activities of Project Closeout

People go crazy when a TV show like Firefly or Agent Carter gets canceled, because …

Leave a Reply

Your email address will not be published. Required fields are marked *